Lilly Jobs

Job Information

Lilly Sr. Director - Information Security, Lilly Research Labs (LRL) in Indianapolis, Indiana

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our 35,000 employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

Organization Overview:

At Lilly, we serve an extraordinary purpose. For more than 140 years, we have worked tirelessly to discover medicines that make life better. These discoveries start in Lilly Research Laboratories, where our scientists work to create new medicines that will help solve our world’s greatest health challenges.

The LRL BISO position supports the Information Security organization with ensuring that Eli Lilly and Company business and technology initiatives demonstrate a responsible information security posture and risk-based approach to managing information security risks in accordance with the expectations of its shareholders, regulators, and corporate policies. The LRL BISO is responsible for enabling the IS vision, enabling the business, and providing a strong partnership between IS and LRL. The LRL BISO must build trust with business partners to advance top business objectives while managing security risks​. The LRL BISO owns the security roadmap for LRL ensuring security by design is a top priority through engagement with multiple stakeholders in technical and leadership roles. The LRL BISO will represent the uniqueness of the function, integrating information security in partnership with the Information Security Organization. The major IS responsibilities include:


Strategic & Governance

  • Partnership with IS and LRL in the development and approval of the annual LRL IS roadmap.

  • Ensuring appropriate IS transparency and visibility of the information security efforts and the overall risk profile of LRL

  • Providing LRL with the appropriate transparency and visibility of the IS roadmap and efforts

  • Integrating and operationalizing information security risk management practices into LRL strategies and operations

  • Managing LRL’s information security portfolio of activities, projects, and efforts

  • Educate and Drive Behavior Change

Tactical & Execution

  • Supporting LRL information security assessments and audits

  • Supporting the information security education and development of LRL staff

  • Maintaining the LRL’s information security scorecard, and risk profiles

  • Supporting and representing LRL in risk reduction and remediation activities

  • Supporting and driving LRL IS policies and procedures

  • Facilitating and participating in governance and engagement activities

  • Developing and executing LRL IS Roadmap in partnership with the business and LRL IDS

  • Representing LRL IS roadmaps during IS business planning

  • Representing IS roadmaps during LRL business and LRL IDS business planning

Leadership & Technical Skills

  • Direct leadership responsibility for a team of four

  • Oversight of the LRL Security Ambassador program

  • Influence

  • Coaching within a matrix organization (up, down, across)

  • Shared resource management

  • Ability to identify and assess IS risk

  • Educate and drive behavior change

  • Manage business, IS and IDS relationships

  • Educating leaders and acting as escalation points for operational and tactical efforts

  • Financial Management

  • People Development

Basic Requirements:

  • Bachelor’s degree in a discipline related to information security or information technology

  • At least five years of IT experience

  • At least three years of Information Security or risk management experience

  • At least two years people leadership experience

  • CISSP, CRISC, CISM within one year of start

Additional Preferences:

  • Expertise with NIST cybersecurity framework

  • Cyber security risk management experience, e.g. conducting assessments, identifying risks, and recommending solutions

  • Experience with vendor management

Eli Lilly and Company, Lilly USA, LLC and our wholly owned subsidiaries (collectively “Lilly”) are committed to help individuals with disabilities to participate in the workforce and ensure equal opportunity to compete for jobs. If you require an accommodation to submit a resume for positions at Lilly, please email Lilly Human Resources ( ) for further assistance. Please note This email address is intended for use only to request an accommodation as part of the application process. Any other correspondence will not receive a response.

Lilly is an EEO/Affirmative Action Employer and does not discriminate on the basis of age, race, color, religion, gender, sexual orientation, gender identity, gender expression, national origin, protected veteran status, disability or any other legally protected status.

Our employee resource groups (ERGs) offer strong support networks for their members and help our company develop talented individuals for future leadership roles. Our current groups include: Africa, Middle East, Central Asia Network, African American Network, Chinese Culture Network, Early Career Professionals, Japanese International Leadership Network (JILN), Lilly India Network, Organization of Latinos at Lilly, PRIDE (LGBTQ + Allies), Veterans Leadership Network, Women’s Network, Working and Living with Disabilities. Learn more about all of our groups.

As a condition of employment with Eli Lilly and Company and its subsidiaries in the United States and Puerto Rico, you must be fully COVID-19 vaccinated and provide proof of vaccination satisfactory to the company (subject to applicable law).


At Lilly we strive to ensure our employees are part of a team that cares about them and our shared purpose of making life better for those around the world. How do we do this? We continue to look for ways to include, innovate, accelerate and deliver while maintaining integrity, excellence and respect for people.​ We hope that you seek to join us on our journey as we create medicine and deliver improved outcomes for patients across the globe!